package com.samsung.android.service.health.security;

import android.content.Context;
import android.provider.Settings;
import android.util.Base64;
import com.samsung.android.sdk.healthdata.privileged.util.LogUtil;
import java.io.BufferedInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.InvalidKeyException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.spec.InvalidKeySpecException;
import java.util.Arrays;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;

/* loaded from: classes.dex */
public final class KeyOperation {
    private static final String TAG = LogUtil.makeTag("KeyOperation");

    public static byte[] cipherMessage(byte[] bArr, byte[] bArr2, boolean z) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException {
        SecretKeySpec secretKeySpec = new SecretKeySpec(bArr2, "AES");
        Cipher cipher = Cipher.getInstance("AES");
        if (z) {
            cipher.init(1, secretKeySpec);
        } else {
            cipher.init(2, secretKeySpec);
        }
        return cipher.doFinal(bArr);
    }

    private static byte[] decryptKey(Context context, String str, byte[] bArr, boolean z) {
        try {
            return cipherMessage(bArr, getCipherKey(context, str, z), false);
        } catch (Exception e) {
            ServiceLogger.doKoLogging(context, "ENC/DEC_FAIL0 : " + e.getMessage(), true);
            return null;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static synchronized boolean doesKeyFileExist(Context context) {
        boolean z;
        synchronized (KeyOperation.class) {
            z = context.getFileStreamPath("encryptedKeystore").length() > 0;
        }
        return z;
    }

    private static byte[] encryptKey(Context context, String str, byte[] bArr) {
        try {
            return cipherMessage(bArr, getCipherKey(context, str, false), true);
        } catch (UnsupportedEncodingException | GeneralSecurityException e) {
            e.printStackTrace();
            LogUtil.LOGE(TAG, "Failed to encrypt key");
            return null;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* JADX WARN: Code restructure failed: missing block: B:15:0x00a6, code lost:
    
        if (com.samsung.android.service.health.security.DbChecker.checkDbKeyValidity(r12, r14, "KeyGenDPW_InvalidDb") != false) goto L36;
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static synchronized byte[] generateDbKeyInLocal(android.content.Context r12, java.lang.String r13, byte[] r14) {
        /*
            r6 = 0
            java.lang.Class<com.samsung.android.service.health.security.KeyOperation> r7 = com.samsung.android.service.health.security.KeyOperation.class
            monitor-enter(r7)
            r4 = 0
            if (r14 != 0) goto L4f
            boolean r8 = doesKeyFileExist(r12)     // Catch: java.lang.Exception -> L60 java.lang.Throwable -> L7a
            if (r8 == 0) goto L1a
            java.lang.String r8 = "KeyGenDPW_AlreadyExists"
            r9 = 1
            com.samsung.android.service.health.security.ServiceLogger.doKmLogging(r12, r8, r9)     // Catch: java.lang.Exception -> L60 java.lang.Throwable -> L7a
            byte[] r6 = getDbKeyFromKeyFile(r12, r13)     // Catch: java.lang.Exception -> L60 java.lang.Throwable -> L7a
        L18:
            monitor-exit(r7)
            return r6
        L1a:
            r3 = 0
        L1b:
            r8 = 3
            if (r3 >= r8) goto L4f
            r8 = 256(0x100, float:3.59E-43)
            byte[] r8 = generateRandom(r8)     // Catch: java.lang.Throwable -> L7a java.lang.Exception -> L7d
            java.lang.String r9 = new java.lang.String     // Catch: java.lang.Throwable -> L7a java.lang.Exception -> L7d
            java.lang.String r10 = "UTF-8"
            r9.<init>(r8, r10)     // Catch: java.lang.Throwable -> L7a java.lang.Exception -> L7d
            long r10 = java.lang.System.currentTimeMillis()     // Catch: java.lang.Throwable -> L7a java.lang.Exception -> L7d
            java.lang.String r8 = java.lang.Long.toString(r10)     // Catch: java.lang.Throwable -> L7a java.lang.Exception -> L7d
            java.lang.String r10 = "UTF-8"
            byte[] r8 = r8.getBytes(r10)     // Catch: java.lang.Throwable -> L7a java.lang.Exception -> L7d
            r10 = 1024(0x400, float:1.435E-42)
            javax.crypto.SecretKey r8 = getSecretKey(r9, r8, r10)     // Catch: java.lang.Throwable -> L7a java.lang.Exception -> L7d
            byte[] r0 = r8.getEncoded()     // Catch: java.lang.Throwable -> L7a java.lang.Exception -> L7d
            java.lang.String r8 = com.samsung.android.service.health.security.KeyOperation.TAG     // Catch: java.lang.Throwable -> L7a java.lang.Exception -> L7d
            java.lang.String r9 = "New creation"
            com.samsung.android.sdk.healthdata.privileged.util.LogUtil.LOGD(r8, r9)     // Catch: java.lang.Throwable -> L7a java.lang.Exception -> L7d
            r4 = 1
            r14 = r0
        L4f:
            r8 = 1
            boolean r8 = com.samsung.android.service.health.security.DbChecker.isDbAlreadyExist(r12, r8)     // Catch: java.lang.Exception -> L60 java.lang.Throwable -> L7a
            if (r8 == 0) goto La8
            if (r4 == 0) goto L9f
            java.lang.String r8 = "KeyGenDPW_denied"
            r9 = 1
            com.samsung.android.service.health.security.ServiceLogger.doKmLogging(r12, r8, r9)     // Catch: java.lang.Exception -> L60 java.lang.Throwable -> L7a
            goto L18
        L60:
            r1 = move-exception
            java.lang.StringBuilder r8 = new java.lang.StringBuilder     // Catch: java.lang.Throwable -> L7a
            java.lang.String r9 = "KeyGenDPW1:"
            r8.<init>(r9)     // Catch: java.lang.Throwable -> L7a
            java.lang.String r9 = r1.getMessage()     // Catch: java.lang.Throwable -> L7a
            java.lang.StringBuilder r8 = r8.append(r9)     // Catch: java.lang.Throwable -> L7a
            java.lang.String r8 = r8.toString()     // Catch: java.lang.Throwable -> L7a
            r9 = 1
            com.samsung.android.service.health.security.ServiceLogger.doKmLogging(r12, r8, r9)     // Catch: java.lang.Throwable -> L7a
            goto L18
        L7a:
            r6 = move-exception
            monitor-exit(r7)
            throw r6
        L7d:
            r1 = move-exception
            java.lang.String r8 = com.samsung.android.service.health.security.KeyOperation.TAG     // Catch: java.lang.Exception -> L60 java.lang.Throwable -> L7a
            java.lang.StringBuilder r9 = new java.lang.StringBuilder     // Catch: java.lang.Exception -> L60 java.lang.Throwable -> L7a
            java.lang.String r10 = "create key failed due to : "
            r9.<init>(r10)     // Catch: java.lang.Exception -> L60 java.lang.Throwable -> L7a
            java.lang.String r10 = r1.getMessage()     // Catch: java.lang.Exception -> L60 java.lang.Throwable -> L7a
            java.lang.StringBuilder r9 = r9.append(r10)     // Catch: java.lang.Exception -> L60 java.lang.Throwable -> L7a
            java.lang.String r9 = r9.toString()     // Catch: java.lang.Exception -> L60 java.lang.Throwable -> L7a
            com.samsung.android.sdk.healthdata.privileged.util.LogUtil.LOGE(r8, r9)     // Catch: java.lang.Exception -> L60 java.lang.Throwable -> L7a
            r8 = 2
            if (r3 != r8) goto L9b
            throw r1     // Catch: java.lang.Exception -> L60 java.lang.Throwable -> L7a
        L9b:
            int r3 = r3 + 1
            goto L1b
        L9f:
            java.lang.String r8 = "KeyGenDPW_InvalidDb"
            boolean r8 = com.samsung.android.service.health.security.DbChecker.checkDbKeyValidity(r12, r14, r8)     // Catch: java.lang.Exception -> L60 java.lang.Throwable -> L7a
            if (r8 == 0) goto L18
        La8:
            byte[] r2 = encryptKey(r12, r13, r14)     // Catch: java.lang.Exception -> L60 java.lang.Throwable -> L7a
            java.lang.String r8 = "encryptedKeystore"
            boolean r8 = saveBytesToFile(r12, r2, r8)     // Catch: java.lang.Exception -> L60 java.lang.Throwable -> L7a
            if (r8 != 0) goto Lbe
            java.lang.String r8 = "KeyGenDPW2"
            r9 = 1
            com.samsung.android.service.health.security.ServiceLogger.doKmLogging(r12, r8, r9)     // Catch: java.lang.Exception -> L60 java.lang.Throwable -> L7a
            goto L18
        Lbe:
            byte[] r5 = getDbKeyFromKeyFile(r12, r13)     // Catch: java.lang.Exception -> L60 java.lang.Throwable -> L7a
            boolean r8 = java.util.Arrays.equals(r5, r14)     // Catch: java.lang.Exception -> L60 java.lang.Throwable -> L7a
            if (r8 != 0) goto Ld1
            java.lang.String r8 = "KeyGenDPW3"
            r9 = 1
            com.samsung.android.service.health.security.ServiceLogger.doKmLogging(r12, r8, r9)     // Catch: java.lang.Exception -> L60 java.lang.Throwable -> L7a
            goto L18
        Ld1:
            r6 = r14
            goto L18
        */
        throw new UnsupportedOperationException("Method not decompiled: com.samsung.android.service.health.security.KeyOperation.generateDbKeyInLocal(android.content.Context, java.lang.String, byte[]):byte[]");
    }

    private static byte[] generateRandom(int i) {
        try {
            byte[] bArr = new byte[i];
            SecureRandom.getInstance("SHA1PRNG").nextBytes(bArr);
            return Arrays.copyOfRange(Base64.encode(bArr, 0), 0, i);
        } catch (NoSuchAlgorithmException e) {
            throw new SecurityException("SHA1PRNG not available", e);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static synchronized byte[] getAndRecoverDbKeyFromKeyFile(Context context, String str) {
        byte[] dbKeyFromKeyFile;
        synchronized (KeyOperation.class) {
            dbKeyFromKeyFile = getDbKeyFromKeyFile(context, str);
            boolean z = true;
            if (dbKeyFromKeyFile == null) {
                dbKeyFromKeyFile = getDbKeyFromTempKeyFile(context, str);
                z = false;
            }
            if (dbKeyFromKeyFile == null) {
                ServiceLogger.doKmLogging(context, "GetDbKeyFail", true);
            } else if (!DbChecker.checkDbKeyValidity(context, dbKeyFromKeyFile, "GetAndRecover")) {
                ServiceLogger.doKmLogging(context, "RcDbKeyWrongKey", true);
            } else if (!z && !saveAndCheckDbKey(context, dbKeyFromKeyFile, str, "encryptedKeystore", "RecoverKf")) {
                ServiceLogger.doKmLogging(context, "RcDbKeyRecoverFail", true);
            }
            dbKeyFromKeyFile = null;
        }
        return dbKeyFromKeyFile;
    }

    private static byte[] getByteFromFile(Context context, String str) throws IOException {
        return getByteFromFile(context.getFileStreamPath(str));
    }

    public static byte[] getByteFromFile(File file) throws IOException {
        int length = (int) file.length();
        byte[] bArr = new byte[length];
        if (length == 0) {
            return bArr;
        }
        try {
            BufferedInputStream bufferedInputStream = new BufferedInputStream(new FileInputStream(file));
            try {
                bufferedInputStream.read(bArr);
                bufferedInputStream.close();
            } finally {
            }
        } catch (IOException e) {
            LogUtil.LOGE(TAG, e.getMessage() != null ? e.getMessage() : "IOException occurred");
            bArr = null;
        }
        return bArr;
    }

    public static SecretKey getCipherKey(String str, byte[] bArr) throws UnsupportedEncodingException, NoSuchAlgorithmException, InvalidKeySpecException {
        return getSecretKey(str, bArr, 256);
    }

    private static byte[] getCipherKey(Context context, String str, boolean z) throws UnsupportedEncodingException, NoSuchAlgorithmException, InvalidKeySpecException {
        try {
            SecretKey cipherKey = getCipherKey(str, getSalt(context, z));
            if (cipherKey != null) {
                return cipherKey.getEncoded();
            }
            ServiceLogger.doKoLogging(context, "FAIL_GET_KEY", true);
            LogUtil.LOGD(TAG, "Fails to create new key for secure DB");
            return null;
        } catch (IOException e) {
            ServiceLogger.doKoLogging(context, "FAIL_GET_SALT : " + e.getMessage(), true);
            return null;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static synchronized byte[] getDbKeyFromFile(Context context, String str, String str2, boolean z) {
        byte[] bArr;
        synchronized (KeyOperation.class) {
            byte[] storeKey = getStoreKey(context, str2);
            if (storeKey == null || storeKey.length == 0) {
                bArr = null;
            } else {
                bArr = decryptKey(context, str, storeKey, z);
                if (bArr == null) {
                    bArr = null;
                }
            }
        }
        return bArr;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static byte[] getDbKeyFromKeyFile(Context context, String str) {
        return getDbKeyFromFile(context, str, "encryptedKeystore", false);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static byte[] getDbKeyFromTempKeyFile(Context context, String str) {
        return getDbKeyFromFile(context, str, "TempEncryptedKeystore", false);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static String getDefaultPassword(Context context) {
        String string = Settings.Secure.getString(context.getContentResolver(), "android_id");
        if (string == null || string.isEmpty()) {
            ServiceLogger.doKmLogging(context, "DefaultPW0", true);
            return null;
        }
        try {
            return KeyManager.getInstance().getMagic(MessageDigest.getInstance("MD5").digest(string.getBytes(StandardCharsets.UTF_8)));
        } catch (NoSuchAlgorithmException e) {
            ServiceLogger.doKmLogging(context, "DefaultPW1", true);
            return null;
        }
    }

    private static byte[] getSalt(Context context, boolean z) throws IOException {
        byte[] saltFromFile;
        for (int i = 0; i < 10; i++) {
            byte[] saltFromFile2 = getSaltFromFile(context, z);
            if (saltFromFile2 != null) {
                if (saltFromFile2.length == 0) {
                    for (int i2 = 0; i2 < 10; i2++) {
                        byte[] generateRandom = generateRandom(128);
                        if ((z ? saveBytesToFile(context, generateRandom, "SALT") : saveBytesToFile(context, generateRandom, "SHealthSalt")) && (saltFromFile = getSaltFromFile(context, z)) != null && saltFromFile.length == 128 && Arrays.equals(generateRandom, saltFromFile)) {
                            return generateRandom;
                        }
                        try {
                            Thread.sleep(100L);
                        } catch (InterruptedException e) {
                        }
                    }
                } else if (saltFromFile2.length == 128) {
                    return saltFromFile2;
                }
            }
            try {
                Thread.sleep(100L);
            } catch (InterruptedException e2) {
            }
        }
        throw new IOException("Fail to get salt");
    }

    private static byte[] getSaltFromFile(Context context, boolean z) throws IOException {
        return z ? getByteFromFile(context, "SALT") : getByteFromFile(context, "SHealthSalt");
    }

    private static SecretKey getSecretKey(String str, byte[] bArr, int i) throws UnsupportedEncodingException, NoSuchAlgorithmException, InvalidKeySpecException {
        return SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1").generateSecret(new PBEKeySpec(str.toCharArray(), bArr, 1000, i));
    }

    private static byte[] getStoreKey(Context context, String str) {
        try {
            byte[] byteFromFile = getByteFromFile(context, str);
            if (byteFromFile == null) {
                return byteFromFile;
            }
            LogUtil.LOGD(TAG, "KF size = " + byteFromFile.length);
            return byteFromFile;
        } catch (IOException e) {
            ServiceLogger.doKoLogging(context, "KEYIO0 : " + e.getMessage(), true);
            return null;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static synchronized boolean saveAndCheckDbKey(Context context, byte[] bArr, String str, String str2, String str3) {
        boolean z = false;
        synchronized (KeyOperation.class) {
            byte[] encryptKey = encryptKey(context, str, bArr);
            if (encryptKey != null) {
                if (saveBytesToFile(context, encryptKey, str2)) {
                    if (Arrays.equals(getDbKeyFromFile(context, str, str2, false), bArr)) {
                        z = true;
                    } else {
                        ServiceLogger.doKmLogging(context, str3 + "RechkFail", true);
                    }
                } else if (context.deleteFile(str2)) {
                    ServiceLogger.doKmLogging(context, str3 + "SaveFail", true);
                } else {
                    ServiceLogger.doKmLogging(context, str3 + "SaveAndDeleteFail", true);
                }
            }
        }
        return z;
    }

    /* JADX WARN: Removed duplicated region for block: B:21:0x0044 A[Catch: IOException -> 0x002a, all -> 0x0041, TRY_ENTER, TRY_LEAVE, TryCatch #2 {IOException -> 0x002a, blocks: (B:5:0x0004, B:9:0x0019, B:24:0x0026, B:22:0x0029, B:21:0x0044, B:27:0x003d), top: B:4:0x0004, outer: #1 }] */
    /* JADX WARN: Removed duplicated region for block: B:23:0x0026 A[EXC_TOP_SPLITTER, SYNTHETIC] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private static synchronized boolean saveBytesToFile(android.content.Context r8, byte[] r9, java.lang.String r10) {
        /*
            java.lang.Class<com.samsung.android.service.health.security.KeyOperation> r5 = com.samsung.android.service.health.security.KeyOperation.class
            monitor-enter(r5)
            r2 = 1
            java.io.BufferedOutputStream r0 = new java.io.BufferedOutputStream     // Catch: java.io.IOException -> L2a java.lang.Throwable -> L41
            java.io.FileOutputStream r3 = new java.io.FileOutputStream     // Catch: java.io.IOException -> L2a java.lang.Throwable -> L41
            java.io.File r4 = r8.getFileStreamPath(r10)     // Catch: java.io.IOException -> L2a java.lang.Throwable -> L41
            r3.<init>(r4)     // Catch: java.io.IOException -> L2a java.lang.Throwable -> L41
            r0.<init>(r3)     // Catch: java.io.IOException -> L2a java.lang.Throwable -> L41
            r4 = 0
            r0.write(r9)     // Catch: java.lang.Throwable -> L1e java.lang.Throwable -> L4c
            r0.flush()     // Catch: java.lang.Throwable -> L1e java.lang.Throwable -> L4c
            r0.close()     // Catch: java.io.IOException -> L2a java.lang.Throwable -> L41
        L1c:
            monitor-exit(r5)
            return r2
        L1e:
            r3 = move-exception
            throw r3     // Catch: java.lang.Throwable -> L20
        L20:
            r4 = move-exception
            r7 = r4
            r4 = r3
            r3 = r7
        L24:
            if (r4 == 0) goto L44
            r0.close()     // Catch: java.io.IOException -> L2a java.lang.Throwable -> L3c java.lang.Throwable -> L41
        L29:
            throw r3     // Catch: java.io.IOException -> L2a java.lang.Throwable -> L41
        L2a:
            r1 = move-exception
            java.lang.String r4 = com.samsung.android.service.health.security.KeyOperation.TAG     // Catch: java.lang.Throwable -> L41
            java.lang.String r3 = r1.getMessage()     // Catch: java.lang.Throwable -> L41
            if (r3 == 0) goto L48
            java.lang.String r3 = r1.getMessage()     // Catch: java.lang.Throwable -> L41
        L37:
            com.samsung.android.sdk.healthdata.privileged.util.LogUtil.LOGE(r4, r3)     // Catch: java.lang.Throwable -> L41
            r2 = 0
            goto L1c
        L3c:
            r6 = move-exception
            r4.addSuppressed(r6)     // Catch: java.io.IOException -> L2a java.lang.Throwable -> L41
            goto L29
        L41:
            r3 = move-exception
            monitor-exit(r5)
            throw r3
        L44:
            r0.close()     // Catch: java.io.IOException -> L2a java.lang.Throwable -> L41
            goto L29
        L48:
            java.lang.String r3 = "IOException occurred"
            goto L37
        L4c:
            r3 = move-exception
            goto L24
        */
        throw new UnsupportedOperationException("Method not decompiled: com.samsung.android.service.health.security.KeyOperation.saveBytesToFile(android.content.Context, byte[], java.lang.String):boolean");
    }
}
